lokesh1729/Nginx Redirection Flow

## docker_nginx
upstream my_site {
    server app:8080;
}

server {
    listen 443 ssl;
    charset utf-8;
    server_name jcvtest.xyz www.jcvtest.xyz;

    location = /favicon.ico { access_log off; log_not_found off; }

    client_max_body_size 4G;
    access_log /app/logs/nginx-access.log;
    error_log /app/logs/nginx-error.log;
    location / {
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        if (!-f $request_filename) {
            proxy_pass http://my_site;
            break;
        }
    }

    location /static/ {
        autoindex on;
        alias /app/static/;
    }

    location /media/ {
        autoindex on;
        alias /app/media/;
    }

    ssl_certificate /etc/letsencrypt/live/jcvtest.xyz/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/jcvtest.xyz/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    listen 80;
    server_name jcvtest.xyz www.jcvtest.xyz;
    if ($host = www.jcvtest.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = jcvtest.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
   location / {
        return 301 https://$host$request_uri;
    }
    location /.well-known/acme-challenge/ {
      root /var/www/certbot;
    }

   return 404; # managed by Certbot
}

## Nginx Redirection Flow


                       Nginx Redirection flow

                  www.host.com           www.host.com
                       80                    443

                        \                     /
                         \                   /
                          \                 /
                           \               /
                           \/             \/
                                 host.com
                                    80
                                    |
                                    |
                                    |
                                    |
                                    \/

                                host.com
                                   443

## with ssl
server {
    # remember there should be no comma between hostnames... only spaces
    server_name gtmstats.com;

    location = /favicon.ico { access_log off; log_not_found off; }
    client_max_body_size 4G;
    access_log /root/gtmdata/logs/nginx_access.log;
    error_log /root/gtmdata/logs/nginx_error.log debug;
    location /static/ {
        autoindex on;
        alias /root/gtmdata/static/;
    }

    location /media/ {
        autoindex on;
        alias /root/gtmdata/media/;
    }

    location / {
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/tmp/gunicorn.sock;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/gtmstats.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/gtmstats.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {

    if ($host = www.gtmstats.com) {
        return 301 http://$host$request_uri;
    }

    server_name www.gtmstats.com;
    return 404;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/gtmstats.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/gtmstats.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = gtmstats.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name gtmstats.com;

    listen 80;
    return 404; # managed by Certbot
}

server {
    if ($host = www.gtmstats.com) {
        return 301 http://$host$request_uri;
    } # managed by Certbot

    server_name www.gtmstats.com;
    listen 80;
    return 404; # managed by Certbot
}

## without_ssl
server {
    # remember there should be no comma between hostnames... only spaces
    server_name gtmapp.com;

    location = /favicon.ico { access_log off; log_not_found off; }
    client_max_body_size 4G;
    access_log /root/gtmcontent/logs/nginx_access.log;
    error_log /root/gtmcontent/logs/nginx_error.log;
    location /static/ {
        autoindex on;
        alias /root/gtmcontent/static/;
    }

    location /media/ {
        autoindex on;
        alias /root/gtmcontent/media/;
    }

    location / {
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/tmp/gunicorn.sock;
    }

    listen 80;
}

server {

    if ($host = www.gtmapp.com) {
        return 301 http://$host$request_uri;
    }

    server_name www.gtmapp.com;
    listen 80;
    return 404;
}
	upstream my_site {
	server app:8080;
	}

	server {
	listen 443 ssl;
	charset utf-8;
	server_name jcvtest.xyz www.jcvtest.xyz;

	location = /favicon.ico { access_log off; log_not_found off; }

	client_max_body_size 4G;
	access_log /app/logs/nginx-access.log;
	error_log /app/logs/nginx-error.log;
	location / {
	proxy_redirect off;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-Proto $scheme;
	if (!-f $request_filename) {
	proxy_pass http://my_site;
	break;
	}
	}

	location /static/ {
	autoindex on;
	alias /app/static/;
	}

	location /media/ {
	autoindex on;
	alias /app/media/;
	}

	ssl_certificate /etc/letsencrypt/live/jcvtest.xyz/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/jcvtest.xyz/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	}
	server {
	listen 80;
	server_name jcvtest.xyz www.jcvtest.xyz;
	if ($host = www.jcvtest.xyz) {
	return 301 https://$host$request_uri;
	} # managed by Certbot


	if ($host = jcvtest.xyz) {
	return 301 https://$host$request_uri;
	} # managed by Certbot
	location / {
	return 301 https://$host$request_uri;
	}
	location /.well-known/acme-challenge/ {
	root /var/www/certbot;
	}

	return 404; # managed by Certbot
	}




	Nginx Redirection flow

	www.host.com www.host.com
	80 443

	\ /
	\ /
	\ /
	\ /
	\/ \/
	host.com
	80
	\|
	\|
	\|
	\|
	\/

	host.com
	443
	server {
	# remember there should be no comma between hostnames... only spaces
	server_name gtmstats.com;

	location = /favicon.ico { access_log off; log_not_found off; }
	client_max_body_size 4G;
	access_log /root/gtmdata/logs/nginx_access.log;
	error_log /root/gtmdata/logs/nginx_error.log debug;
	location /static/ {
	autoindex on;
	alias /root/gtmdata/static/;
	}

	location /media/ {
	autoindex on;
	alias /root/gtmdata/media/;
	}

	location / {
	proxy_redirect off;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_pass http://unix:/tmp/gunicorn.sock;
	}

	listen 443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/gtmstats.com/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/gtmstats.com/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	}

	server {

	if ($host = www.gtmstats.com) {
	return 301 http://$host$request_uri;
	}

	server_name www.gtmstats.com;
	return 404;

	listen 443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/gtmstats.com/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/gtmstats.com/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	}
	server {
	if ($host = gtmstats.com) {
	return 301 https://$host$request_uri;
	} # managed by Certbot

	server_name gtmstats.com;

	listen 80;
	return 404; # managed by Certbot
	}

	server {
	if ($host = www.gtmstats.com) {
	return 301 http://$host$request_uri;
	} # managed by Certbot

	server_name www.gtmstats.com;
	listen 80;
	return 404; # managed by Certbot
	}
	server {
	# remember there should be no comma between hostnames... only spaces
	server_name gtmapp.com;

	location = /favicon.ico { access_log off; log_not_found off; }
	client_max_body_size 4G;
	access_log /root/gtmcontent/logs/nginx_access.log;
	error_log /root/gtmcontent/logs/nginx_error.log;
	location /static/ {
	autoindex on;
	alias /root/gtmcontent/static/;
	}

	location /media/ {
	autoindex on;
	alias /root/gtmcontent/media/;
	}

	location / {
	proxy_redirect off;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_pass http://unix:/tmp/gunicorn.sock;
	}

	listen 80;
	}

	server {

	if ($host = www.gtmapp.com) {
	return 301 http://$host$request_uri;
	}

	server_name www.gtmapp.com;
	listen 80;
	return 404;
	}